Updated jackson version to 2.9.9.1

spring-cloud / spring-cloud-connectors

Library to let cloud applications connect to services

Apache License 2.0

185 stars 161 forks source link

Updated jackson version to 2.9.9.1 #297

Closed mibo closed 5 years ago

mibo commented 5 years ago

Updated jackson version to 2.9.9.1 for following CVE issues: CVE-2019-12814: https://github.com/FasterXML/jackson-databind/issues/2341 CVE-2019-12384: https://github.com/FasterXML/jackson-databind/issues/2334

scottfrederick commented 5 years ago

Please note that this project is in maintenance mode, in favor of the newer Java CFEnv project. We will continue to make this type of security-related changes, but releases will be fewer and further between.

mibo commented 5 years ago

Please note that this project is in maintenance mode, in favor of the newer Java CFEnv project

Thanks for this information, was not yet aware of this. I will check migration to Java CFEnv.